Security Directory

W

W.A.G. payment solutions, a.s.

inelo.pl

65

Eurowag, incorporating Inelo, is a leading European provider of integrated mobility and payment solutions tailored for the road transport sector. Their offerings include advanced telematics, seamless payment services such as fuel cards and mobile payments, and comprehensive compliance and driver management solutions. The company targets transport companies and fleet managers, aiming to optimize fleet efficiency and regulatory adherence across multiple European markets. The website reflects a mature digital presence with multilingual support and extensive service descriptions. Technically, the website is built on Webflow CMS, leveraging modern JavaScript libraries and integrations such as Google Tag Manager and LiveChat for analytics and customer engagement. The site is well-optimized for mobile devices, features accessibility considerations, and employs security best practices including HTTPS and CAPTCHA on forms. The technical infrastructure suggests a robust and scalable platform suitable for enterprise operations. From a security perspective, the site demonstrates a strong posture with encrypted communications, secure form handling, and no visible vulnerabilities or exposed sensitive data. However, explicit security headers could be more clearly implemented, and incident response contact details are not publicly provided. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including GDPR adherence and user consent mechanisms. Overall, the website and business exhibit high professionalism, trustworthiness, and operational maturity. The lack of public WHOIS data is consistent with privacy protection practices common among large enterprises. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure policies, and providing clearer incident response contacts to further strengthen trust and security readiness.

F

fireTMS.com Sp. z o.o.

firexgo.com

70

fireXgo is a freight exchange platform integrated into the fireTMS transport management system, designed to serve transport and forwarding companies by providing a unified tool for posting freights, finding transport orders, and managing transport operations comprehensively. The platform leverages the established fireTMS user base and infrastructure, offering real-time load monitoring and GPS telematics integration to enhance operational transparency and efficiency. The business targets freight forwarders and carriers, positioning itself as a secure and reliable marketplace with verified users and a large volume of daily orders. Technically, the website is built on a modern React and Next.js stack, hosted by OVH sas, and integrates Google services such as reCAPTCHA and Tag Manager for security and analytics. The site is mobile-optimized and provides a professional user experience with clear navigation and comprehensive content. However, some GDPR compliance aspects, such as cookie consent mechanisms, are missing. From a security perspective, fireXgo enforces HTTPS, uses user verification to reduce fraud risk, and integrates GPS telematics for real-time tracking. The absence of DNSSEC and explicit security headers suggests room for improvement in hardening the platform. No critical vulnerabilities or exposed sensitive data were detected. Overall, fireXgo presents a credible and professional service with strong business credibility and technical maturity. Strategic improvements in privacy compliance and security policies would further enhance trust and regulatory adherence.

CabaDesign is a small Czech Republic-based web development service provider specializing in creating websites and web applications. The company appears to be operated by Ing. Jan Cabalka and has been active since at least 2010, as supported by domain registration data. The website content is minimal but clearly communicates the core business offering and provides direct contact information including email, phone, and physical location. The market position is that of a small local technology service provider targeting businesses or individuals needing web development solutions. Technically, the website uses basic modern web technologies including Google Fonts, Google Analytics, and Google Tag Manager for tracking. Hosting is provided by WEDOS, a Czech hosting provider, consistent with the domain registrar. The site lacks advanced frameworks or CMS indications and has basic mobile and accessibility features. SEO and performance optimizations appear minimal but functional. From a security perspective, the site uses HTTPS (assumed from domain and hosting) but lacks visible security headers and published security or privacy policies. No forms or input fields are present to assess input security. Google Analytics tracking is implemented without visible cookie consent mechanisms, indicating potential GDPR compliance gaps. The WHOIS data is consistent and supports the legitimacy of the business with no privacy protection or suspicious patterns. Overall, the website is functional and credible for a small business but lacks comprehensive privacy, security, and compliance features. Strategic improvements in privacy policy publication, security headers, and consent mechanisms would enhance trust and compliance posture.

A

Ace IT s.r.o.

gdpr-experts.cz

44

GDPR Experts, operated by Ace IT s.r.o., is a specialized small business based in the Czech Republic providing GDPR compliance and IT security consulting services. Their offerings include GDPR training, audits, legal documentation, and IT security assessments tailored for companies and entrepreneurs within the EU. The website is professionally designed with clear navigation and relevant content targeting businesses needing GDPR solutions. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and Google Analytics, indicating a moderate level of digital maturity. However, there are gaps in privacy compliance, notably the absence of explicit privacy and cookie policies. Security posture is adequate with HTTPS implied but lacks visible security headers and incident response information. Overall, the domain registration data aligns well with the business, supporting legitimacy and trustworthiness.

S

swissporTON

swissporton.ro

54

swissporTON is a Romanian-based manufacturer and retailer specializing in high-quality ceramic roof tiles and related roofing products. The company emphasizes Swiss quality standards, offering over 200 product variants with a 50-year warranty, targeting investors, roof installers, architects, and distributors. The website presents a professional and consistent brand image with extensive product information and support resources. Technically, the site uses modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly but lacks explicit privacy and terms of service pages, which are areas for improvement. Security posture is good with HTTPS enforced, though security headers are not evident in the provided data. Overall, swissporTON demonstrates a solid market position with a trustworthy online presence but should enhance privacy compliance and security transparency.

G

Globetrotter

globetrotter.ch

63

Globetrotter is a Swiss travel company offering a wide range of travel experiences, advisory services, and curated travel recommendations. The website targets diverse traveler segments including families, solo travelers, and those interested in responsible tourism. The company appears to have a solid market position in Switzerland with a medium-sized business profile. Technically, the website uses modern web technologies such as the Svelte framework, lazy loading for images, and integrates a consent management platform to comply with privacy regulations. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses consent management but lacks explicit security headers and published security policies, which could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and compliant with privacy standards, though it would benefit from publishing privacy and security policies and providing clearer contact information.

H

Hotelplan

hotelplan.ch

65

Hotelplan.ch is a leading Swiss online travel agency specializing in personalized holiday and travel bookings including flights, hotels, cruises, and car rentals. The website targets Swiss travelers seeking convenient and comprehensive travel solutions. Technically, the site employs modern frameworks such as Next.js and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS and security headers in place, though explicit privacy and cookie policies are not detected in the provided content, representing a compliance gap. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and incident response documentation.

L

Luzerner Kantonalbank

lukb.ch

75

Luzerner Kantonalbank (LUKB) is a leading regional bank based in Luzern, Switzerland, providing a broad range of financial services including retail banking, mortgages, investment products, and personalized financial advisory. The website targets private customers primarily in the Luzern and Central Switzerland region, emphasizing personal service and innovative banking solutions. The bank maintains a strong market position as a trusted cantonal bank with a professional digital presence. Technically, the website employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, and HTMX for dynamic content. It is well-optimized for mobile devices and accessibility, with good SEO practices and comprehensive metadata. The site uses HTTPS with strong security headers, ensuring secure communications and protecting user data. From a security perspective, the site demonstrates good practices including secure cookie handling, consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not publicly detailed, representing an area for improvement. The privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website is professional, trustworthy, and secure, with extensive content relevant to its audience. It integrates multiple analytics and marketing tools responsibly, maintaining transparency and user control over data. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing transparency around data protection officers to further strengthen trust and compliance.

M

MonoSystems

monosystems.com

10

MonoSystems is a specialized manufacturer and direct seller of cable management systems including cable trays, raceways, power poles, and j-hooks. The company positions itself as a unique direct manufacturer with over 50 years of industry experience and is part of the NIEDAX GROUP. Their website targets electrical contractors, engineers, architects, and general contractors, offering detailed product information, downloadable resources, and customer engagement through forms and social media. Technically, the site is built on WordPress with WooCommerce and uses modern libraries such as jQuery and Bootstrap, integrating Google Analytics and Tag Manager for tracking. Security measures include HTTPS and Google reCAPTCHA on forms, but the site lacks visible privacy and cookie policies as well as security headers, which are areas for improvement. The WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and business presence indicate a legitimate operation. Overall, the site is professional and functional with moderate technical maturity and good business credibility.

S

SpinaGroup Srl

spinagroup.com

10

SpinaGroup Srl is an established Italian company specializing in integrated solutions for industrial plants, focusing on electrical and instrumentation packages. With over 30 years of experience and recent integration into the Niedax Group, the company offers customized and ready-made solutions for industrial plant engineering. Their target audience includes industrial companies and plant engineers seeking reliable electrical materials and services. The website reflects a professional B2B business model with a clear market position in the energy and manufacturing sectors. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable digital infrastructure. The site includes cookie consent mechanisms and Google Tag Manager for analytics, demonstrating digital maturity and privacy awareness. Performance and mobile optimization are good, though some accessibility features could be enhanced. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected, but improvements in security best practices and transparency are recommended. Overall, the website is trustworthy and professional, though the lack of WHOIS data reduces domain trust slightly. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility to strengthen compliance and user trust.

U

Unia

unia.ch

10

Unia is the largest trade union in Switzerland, serving a broad range of employees across industries such as construction, manufacturing, commerce, and private services. The organization operates as a non-profit entity focused on labor rights, collective bargaining agreements, and member services. The website is built on TYPO3 CMS and integrates modern analytics and tracking tools like Google Tag Manager and Facebook Pixel, with privacy-conscious default settings denying consent until granted. Security posture is solid with HTTPS enforced, though improvements can be made by adding security headers and explicit privacy and cookie policies. The site is well-branded, multilingual, and professionally designed, targeting workers and union members in Switzerland.

S

syndicom

syndicom.ch

52

syndicom is a prominent Swiss trade union representing employees in logistics, information and communication technology, and media sectors. The organization advocates for fair working conditions, social justice, and responsible technological progress. It offers services such as collective bargaining, legal advice, education, and campaigns to its members. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support, targeting employees and stakeholders in Switzerland. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the domain registration aligns with the organization's identity, supporting legitimacy and trustworthiness.

S

Sympany Services AG

sympany.ch

70

Sympany Services AG is a Swiss insurance company specializing in health insurance, offering both basic and supplementary insurance products alongside vehicle, household contents, and business insurance. The company targets individuals and corporate customers within Switzerland, positioning itself as a trusted and customer-centric insurer with high satisfaction ratings. The website reflects a professional and comprehensive digital presence with clear navigation and extensive service information. Technically, the website employs modern JavaScript libraries, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with secure HTTPS connections and no visible technical vulnerabilities. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks publicly available dedicated security policies or incident response contacts. No exposed sensitive data or vulnerabilities were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with recommendations to enhance security transparency and implement additional security headers to further strengthen its security posture.

K

KENDRIS Capital Limited

kendriscapital.com

74

KENDRIS Capital Limited is an independent alternative investment fund manager specializing in multi-asset class fund solutions domiciled in Cyprus and Luxembourg. It operates as a wholly owned subsidiary of KENDRIS AG, targeting professional and well-informed investors with a comprehensive suite of fund management services including portfolio management, risk management, marketing, distribution, and fund administration. The company emphasizes a personal, independent, and digital approach to fund management, supported by a strong regulatory framework under CySEC. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management, ensuring a professional and user-friendly digital presence. Security measures include HTTPS enforcement and reCAPTCHA integration, though there is room for improvement in security headers and published security policies. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall website content and regulatory disclosures support a trustworthy business profile.

T

Touraine Val de Loire

tourainevaldeloire.com

63

Touraine Val de Loire is a regional tourism organization promoting cultural, natural, and gastronomic experiences in the Touraine region of France. The website is professionally designed with multi-language support and rich content targeting tourists and visitors. The technical infrastructure leverages modern JavaScript modules, WordPress CMS, and integrates analytics and consent frameworks, indicating a mature digital presence. Security posture is good with HTTPS and consent mechanisms, though explicit privacy policies and contact information are missing. The absence of WHOIS registration data is a notable concern but may be due to privacy or data source limitations. Overall, the site is trustworthy and well-positioned for tourism promotion but should improve transparency and compliance documentation.

C

Conseil départemental des Vosges

vosges.fr

58

The website www.vosges.fr is the official online presence of the Conseil départemental des Vosges, a regional government entity in France. It serves as a comprehensive portal for residents and visitors, offering information on public services, cultural events, tourism, and local governance. The site is positioned as a trusted source for regional information and services, targeting a broad audience including citizens, businesses, and tourists. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies such as jQuery, FontAwesome, and various analytics tools including Matomo and Facebook Pixel. The infrastructure supports good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. While no critical vulnerabilities were detected, the absence of a publicly available security policy and incident response contact suggests room for improvement in transparency and preparedness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates a strong legitimacy and trustworthiness profile consistent with an official government entity. The lack of WHOIS data is likely due to privacy protection policies common in French domains. Strategic recommendations include publishing explicit security and incident response policies, enhancing monitoring of third-party scripts, and considering a vulnerability disclosure program to further strengthen security posture.

S

Sorell Hotels

sorellhotels.com

59

Sorell Hotels is a Swiss boutique hospitality group operating 15 hotels, event locations, and restaurants across multiple Swiss cities. The website presents a professional and modern digital presence built on Drupal 11 with a focus on user experience, mobile optimization, and SEO. The company emphasizes unique guest experiences, local culture, and sustainability. The site integrates a booking system and consent management via Usercentrics, demonstrating awareness of privacy compliance. However, explicit privacy policy and terms of service pages are not clearly found, which is a compliance gap. The WHOIS data for the domain www.sorellhotels.com is unavailable, raising questions about domain registration transparency, though the website content and branding strongly indicate a legitimate business. Security posture is good with HTTPS and secure forms, but lacks visible security headers and incident response information.

B

benevol Schweiz

benevol.ch

56

benevol Schweiz is a Swiss non-profit umbrella organization that connects regional volunteer offices and promotes volunteer engagement across Switzerland. The website serves as a central hub for volunteer opportunities, educational resources, and recognition tools, positioning benevol as a leading entity in the volunteer sector. The organization targets volunteers, organizations seeking volunteers, and public entities, offering services such as a volunteer job platform and educational courses. Technically, the website employs modern web technologies including Google Tag Manager, CookieYes for consent management, and Cloudflare Turnstile for bot protection, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security cookies, and privacy compliance, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

Z

Zeitpol AG

aha.ag

59

AHA (operated by Zeitpol AG) is a hospitality and cultural venue located in Aarau, Switzerland, offering a diverse range of live events, dining experiences, and room rentals. The website presents a professional and engaging platform showcasing upcoming events, restaurant offerings, and cultural programs, targeting local residents and visitors interested in entertainment and social gatherings. The business is relatively young, founded in 2021, and positions itself as a vibrant community hub with a unique industrial ambiance. Technically, the website leverages modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates common analytics tools like Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and comprehensive security headers. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism. Overall, the site is trustworthy, well-branded, and user-friendly, though improvements in security and privacy transparency are recommended.

I

IFEMA MADRID

ifema.es

67

IFEMA MADRID is a leading Spanish operator and one of the most important in Europe within the international circuit of the fair and congress industry. The organization specializes in creating relationships between people, brands, and experiences through a wide range of events including leisure, tourism, art, fashion, technology, motor, education, employment, and gastronomy. Their market position is strong as a large entity serving businesses, professionals, and the general public interested in events in Madrid and Europe. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Google Analytics, Visual Website Optimizer, and OneTrust for cookie consent, reflecting a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though the absence of a public security policy or incident response contact is noted. WHOIS data is restricted by the Spanish registry policy, which is typical and not suspicious. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences.

M

Münchener Verein Versicherungsgruppe

mv-maklernetz.de

65

Münchener Verein Versicherungsgruppe operates a professional insurance broker portal offering a wide range of insurance products including health, care, retirement, and business insurance. The company holds a strong market position in Germany, evidenced by multiple industry awards and certifications. The website targets insurance brokers and business customers, providing tools, calculators, and comprehensive product information to support daily operations. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google Analytics and Usercentrics for privacy compliance. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and consent management, though HTTP security headers could be improved. No vulnerabilities or blocking mechanisms were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Münchener Verein Versicherungsgruppe

mv-partnernetz.de

64

Münchener Verein Versicherungsgruppe operates a professional partner portal targeting insurance brokers and customers in Germany. The website offers comprehensive insurance products including health, life, pension, and business insurance solutions. It holds a strong market position as a multiple-time award-winning insurer, emphasizing trust and reliability. The portal supports partners with product details, contracts, and tools, reflecting a B2B and B2C hybrid business model. Technically, the site is built on TYPO3 CMS, integrates modern analytics and consent management tools, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS and GDPR compliance, though some security headers and explicit policies could be enhanced. Overall, the site is professional, trustworthy, and well-structured, serving its target audience effectively.

R

ReviewsJet

reviewsjet.com

61

ReviewsJet is a SaaS platform specializing in aggregating and displaying customer reviews from multiple sources such as Google, Yelp, Etsy, and more. It targets small and medium businesses seeking to enhance their website credibility through authentic testimonials and social proof. The platform offers integrations with popular website builders and marketing tools, providing a streamlined user experience for review management and display. Technically, the website is built using modern frameworks like React and Next.js, hosted on DigitalOcean, and optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and domain protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is basic with policies present but lacking advanced consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche.

H

Hintbox

hintbox.de

72

Hintbox is a professional provider of secure whistleblower systems, offering ISO 27001 certified software solutions tailored to meet EU and German regulatory requirements. The company targets medium to large enterprises and public sector organizations, providing a cloud-based platform with multilingual support, case management, and customizable forms. The website demonstrates a strong market position with over 1000 customers, including notable enterprises such as REWE Group and Huf Group. Technically, Hintbox employs modern web technologies, integrates comprehensive consent management via Usercentrics, and uses reputable analytics and marketing tools. Hosting is provided by Hetzner, a certified German data center, ensuring data sovereignty and security. Security posture is robust, with end-to-end encryption, two-factor authentication, and isolated data storage, although some HTTP security headers could be improved. Overall, the website is well-designed, user-friendly, and compliant with GDPR and other privacy regulations.

E

ESYLUX Deutschland GmbH

services-esylux.de

49

ESYLUX Deutschland GmbH operates a professional website offering intelligent automation and lighting solutions focused on energy efficiency and human-centric lighting. The company targets business and professional customers in the technology and energy sectors, providing a broad product portfolio and digital tools. The website is built on TYPO3 CMS with modern technologies and includes comprehensive privacy and cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and no exposed sensitive data, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for user experience and compliance.

H

Hunkemöller

hunkemoller.nl

10

Hunkemöller is a well-established European lingerie and swimwear retailer with a strong online presence, targeting primarily women shoppers in the Netherlands and other European countries. The company operates multiple country-specific websites and offers a broad range of products including lingerie, swimwear, and nightwear. Their market position is strong as a leading brand in the retail lingerie sector. Technically, the website is built on modern frameworks such as React and uses Bloomreach CMS, with good mobile optimization and accessibility features. The security posture is robust, featuring HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly available. Overall, the site demonstrates a mature digital infrastructure with extensive analytics and marketing tools, balanced with good privacy compliance. The risk profile is low with recommendations to enhance transparency on security policies and incident response.

H

Hunkemöller

hunkemoller.be

10

Hunkemöller is a prominent European lingerie and swimwear retailer with a strong online presence in Belgium and other European markets. The website offers a comprehensive e-commerce platform featuring a wide range of lingerie, swimwear, and nightwear products targeted at a mature audience. The brand is well-established with consistent branding and a professional digital storefront. Technically, the site leverages a modern tech stack including Salesforce Commerce Cloud (Demandware), various analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and Bloomreach, and is hosted on Microsoft Azure infrastructure. The website is mobile-optimized and implements privacy and cookie consent mechanisms in compliance with GDPR regulations. Security-wise, the site enforces HTTPS, uses security headers, and registers service workers, but lacks publicly available security policies or incident response information. WHOIS data for the domain is restricted, typical for .be domains, which slightly impacts trust but is mitigated by the brand's reputation and professional site quality. Overall, the site demonstrates a mature e-commerce operation with good security and privacy practices but could improve transparency around security policies and incident response.

H

Hunkemöller

hunkemoller.dk

10

Hunkemöller is a leading Danish lingerie and swimwear retailer operating a professional e-commerce platform targeting primarily women in Denmark and Europe. The website offers a comprehensive product range including lingerie, swimwear, and nightwear, supported by a loyalty program and customer reviews. The technical infrastructure is built on Salesforce Commerce Cloud (Demandware) with integration of multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, Facebook Pixel, Hotjar, Bloomreach, and Yotpo, indicating a mature digital marketing and analytics strategy. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although no explicit security policy or vulnerability disclosure is publicly available. The domain WHOIS data is not available, likely due to privacy protection, which is common for large retail brands. Overall, the website demonstrates good professionalism, security, and compliance with privacy regulations, serving a mature audience with lingerie and swimwear products.

E

ESYLUX GmbH & Co. KG

esylux.com

10

ESYLUX GmbH & Co. KG is a medium-sized German technology company specializing in intelligent automation and lighting solutions, targeting business sectors such as offices, education, healthcare, and outdoor environments. The company offers a broad portfolio including presence and motion detectors, lighting systems, and control technologies, positioning itself as an established specialist with international reach. The website reflects a mature digital presence with a professional design, multilingual support, and comprehensive product and service information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and analytics tools, delivering good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though there is room for improvement in published security policies and incident response transparency. The absence of WHOIS registration data slightly impacts domain trust but is mitigated by the professional and consistent web presence. Overall, ESYLUX demonstrates a solid business and technical foundation with good compliance and security practices.

E

Easee

easee.com

11

Easee is a Norwegian company specializing in smart electric vehicle charging solutions, offering adaptable chargers compatible with various vehicles and power supplies. The company positions itself as an innovative player in the energy and transportation sectors, targeting EV owners, businesses, and installers. Their website reflects a mature digital presence with excellent content quality, professional design, and strong branding consistency. Technically, the site leverages modern technologies including Google Tag Manager, reCAPTCHA, and Cloudflare, hosted on AWS infrastructure, and built on WordPress with Yoast SEO for optimization. Security posture is strong with HTTPS enforced, EPP domain locks, and a comprehensive cookie consent mechanism, although DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is well addressed with a detailed cookie policy and GDPR-aligned consent management. Overall, the website is trustworthy, professional, and well-optimized for user experience and SEO.

M

Münchener Verein Versicherungsgruppe

muenchener-verein.de

11

Münchener Verein Versicherungsgruppe is a well-established German insurance provider with over 100 years of history, specializing in health, retirement, and business insurance products. The company operates as a mutual insurance association, emphasizing fair premiums and community strength without external shareholders. Their market position is strong, evidenced by multiple awards including 'Versicherer des Jahres' for 14 consecutive years and top ratings from Stiftung Warentest. Technically, the website is built on TYPO3 CMS, uses modern tracking and consent management tools, and is hosted with Cloudflare DNS services, ensuring good performance and security. Security posture is strong with HTTPS, security headers, and GDPR compliance, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and user-friendly, targeting both private and business customers with comprehensive insurance offerings and digital service channels.

P

Power Electronics S.L.

power-electronics.com

11

Power Electronics S.L. is a well-established multinational company specializing in renewable energy solutions, including solar inverters, energy storage systems, electric mobility charging infrastructure, and industrial drives. The company holds a strong market position as a global benchmark in these sectors, with a focus on sustainable and clean energy technologies. Their website reflects a professional and comprehensive digital presence, targeting industry professionals and business clients worldwide. Technically, the site is built on modern frameworks such as Next.js and React, hosted likely on AWS infrastructure, and optimized for performance and mobile use. Security posture is solid with HTTPS enforced and domain protections in place, though improvements in DNSSEC and security headers are recommended. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the website and domain data indicate a legitimate, trustworthy, and mature business with a high level of professionalism and digital maturity.

S

smARTec Veranstaltungstechnik AG

smartec.com

38

smARTec Veranstaltungstechnik AG is a Swiss-based company specializing in mobile event technology and digital events, offering services such as lighting, sound, and video technology rental and operation. Positioned as a Swiss industry leader with approximately 2000 projects annually, the company targets corporate, public, and exhibition event organizers. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site uses TYPO3 CMS with modern JavaScript libraries and integrates analytics tools like Google Analytics and Matomo, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website and certifications. Overall, the site is trustworthy and business credible but would benefit from improved transparency in domain registration and security policies.

K

KENDRIS Ltd

kendris.com

74

KENDRIS Ltd is a Swiss-based international advisory and fiduciary services firm with a strong focus on wealthy individuals, family offices, corporations, and institutional clients. The company emphasizes its Swiss entrepreneurial roots, confidentiality, and independence from banks and financial institutions. With over 110 years of history and a presence in multiple countries, KENDRIS offers a broad range of services including trusts, corporate services, tax and legal advice, family office services, and alternative investment fund solutions through its subsidiary KENDRIS Capital Limited. The website is professionally designed, well-structured, and provides comprehensive information about its services and corporate group. Technically, the website employs modern technologies such as Google Tag Manager, CookieYes for consent management, and Mautic for marketing automation. It is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and secure forms, though it lacks explicit security policy and incident response information. Privacy compliance is well addressed with clear cookie and privacy policies and GDPR adherence. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which partially impacts the overall trustworthiness score. Despite this, the professional presentation and detailed business information mitigate some risks. Overall, the website represents a credible and mature financial services firm with room for improvement in transparency around security policies and domain registration verification.

Auto Schmid AG operates as an authorized Mercedes-Benz dealership in Switzerland, providing a comprehensive range of automotive services including new and used vehicle sales, leasing, financing, and after-sales services. The company benefits from strong brand association with Mercedes-Benz Schweiz AG, leveraging official product information and service offerings. The website targets car buyers and Mercedes-Benz customers in the Swiss market, offering a professional and user-friendly digital experience. Technically, the website is built on a modern stack including Vue.js and Web Components, hosted on Mercedes-Benz's OneWeb platform with Adobe Experience Manager as the CMS. It demonstrates good performance, mobile optimization, and accessibility. The site employs advanced analytics and marketing tools such as Google Analytics 360, Datadog RUM, and Salesforce marketing suites, with appropriate cookie consent mechanisms. From a security perspective, the site enforces HTTPS, uses strong security headers, and avoids exposing sensitive data. However, it lacks explicit security policy and incident response information, which could be improved. Privacy compliance is robust, with comprehensive privacy and cookie policies aligned with GDPR and Swiss data protection laws. Contact information is transparent and complete, including a named data protection officer. Overall, the website presents a trustworthy, professional, and secure online presence for Auto Schmid AG, supporting its business objectives effectively. Strategic enhancements in security transparency and incident response readiness would further strengthen its posture.

N

Nau.ch

nau.ch

49

Nau.ch is a Swiss online news portal delivering news content focused on Switzerland, covering sports, politics, and people. The website targets a general Swiss audience and positions itself as a modern news platform with multimedia content including videos. Technically, the site uses the Qwik framework, integrates Google Analytics and Tag Manager, and employs OneSignal for push notifications, indicating a mature digital infrastructure optimized for performance and mobile responsiveness. Security-wise, the site enforces HTTPS and appears to implement standard security headers, but lacks explicit published privacy and cookie policies, which are critical for GDPR compliance. No contact or incident response information is readily available, which could impact user trust and compliance. Overall, the website is professional and trustworthy but would benefit from enhanced privacy disclosures and security transparency.

B

Busbetrieb Aarau AG (BBA)

busaarau.ch

52

Busbetrieb Aarau AG (BBA) is a regional public transportation company operating bus services in Aarau, Switzerland. The company provides comprehensive transit services including bus lines, schedules, ticketing options, and customer support. Their website is designed to serve local commuters and visitors with real-time information and service updates. The business operates in the transportation sector with a medium-sized organizational footprint and a clear focus on regional mobility solutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses a secure CMS platform but lacks some advanced security headers and does not publish a formal security or incident response policy. Privacy compliance is partially addressed with a privacy policy and cookie information, though no explicit cookie consent mechanism is present. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives.

W

WEBSI

websi.si

47

WEBSI is the largest competition for digital projects in Slovenia, organized by Webtasy, d.o.o. The platform serves as an event organizer and information hub for digital project competitions, providing details about categories, awards, jury members, and news updates. The website is professionally designed using WordPress CMS, with modern web technologies such as lazy loading and structured data for SEO. It targets digital project participants and stakeholders within Slovenia, positioning itself as a key player in the local digital event space. The domain is well-established since 2012, reinforcing its credibility. From a technical perspective, the website employs Google Tag Manager and iprom.net for analytics and tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and offers good user experience and navigation clarity. However, there is room for improvement in accessibility and security headers implementation. Security posture is solid with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. The absence of explicit privacy and cookie policies and security headers slightly reduces compliance and security scores. No WAF or blocking mechanisms were detected, allowing full content access. Overall, WEBSI presents a trustworthy and professional digital competition platform with good business credibility and technical implementation. Strategic enhancements in privacy compliance and security best practices would further strengthen its posture.

R

Razvojni center Murska Sobota

spotpomurje.si

45

SPOT svetovanje Pomurje is a regional business support initiative operated by Razvojni center Murska Sobota, providing free consulting, mentoring, and business registration services to entrepreneurs and SMEs in the Pomurje region of Slovenia. The website reflects a well-established public service supported by European and national government funds, with clear partnerships and a focus on fostering regional economic development. Technically, the site uses modern JavaScript libraries, Google Maps API, and Google Tag Manager for analytics, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although formal security policies and incident response information are absent. Overall, the domain registration and WHOIS data align well with the business profile, indicating legitimacy and trustworthiness.

E

Euronext Corporate Solutions

companywebcast.com

76

Euronext Corporate Solutions operates as a comprehensive platform offering corporate services, compliance solutions, and investor relations tools tailored for listed companies and capital market participants. The website positions itself as a trusted partner in governance, regulatory compliance, and market communications, leveraging its affiliation with the reputable Euronext group. The platform provides a broad suite of products including IR.Manager, Shareholder Analysis, ESG advisory, and governance tools, targeting corporate clients seeking to optimize their capital market readiness and compliance frameworks. Technically, the website is built on HubSpot CMS, integrating advanced marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Segment, reflecting a mature digital infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS enforced, use of Google reCAPTCHA Enterprise, and cookie consent mechanisms, although explicit security headers and a public security policy are not evident. The absence of WHOIS data for the subdomain is expected and does not detract from the legitimacy of the site, which aligns with the main euronext.com domain. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

S

Saentys

saentys.com

60

Saentys is a specialized creative consultancy agency focused on the real estate destination sector, providing services such as placemaking, leasing, tenant engagement, investment, and corporate solutions. The company positions itself as a leading agency helping real estate assets stand out in competitive markets. The website is professionally designed using WordPress with modern SEO and tracking tools, reflecting a mature digital presence. Security posture is adequate with HTTPS and CAPTCHA protections, though improvements in security headers and published policies are recommended. Overall, the site is trustworthy and well-maintained, supporting the company's business credibility.

C

cyber-Wear Heidelberg GmbH

bahnshop.de

53

bahnshop.de is the official merchandise e-commerce platform for Deutsche Bahn, operated by cyber-Wear Heidelberg GmbH. The website offers a wide range of branded products including collectibles, travel accessories, family and kids items, and other merchandise targeted at Bahn fans, travelers, and families. It holds a strong market position as the official shop for Deutsche Bahn merchandise, leveraging the brand's reputation and customer base. The business model focuses on online retail with customer account management and a comprehensive product catalog. The site is well-branded, consistent, and professionally maintained with a medium-sized operational scale and a founding date around 2014. Technically, the website is built on the Shopware CMS platform, utilizing modern web technologies such as JavaScript, CSS3, and HTML5. It integrates Google Tag Manager and Google Analytics for marketing and analytics purposes, and PayPal Unified for payment processing. Hosting is managed via EuroDNS nameservers, indicating a stable and professional hosting environment. The site demonstrates good mobile optimization, accessibility, and SEO practices, with moderate performance. From a security perspective, the site enforces HTTPS, uses CSRF tokens on forms, and implements cookie consent mechanisms compliant with GDPR. Security headers are present but could be enhanced with additional policies like Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the site lacks a published security.txt or explicit incident response contact information, which could improve transparency and security posture. Overall, bahnshop.de presents a low-risk profile with strong business credibility, good technical implementation, and solid privacy compliance. Strategic recommendations include publishing a security.txt file, enhancing security headers, and providing incident response contacts to further strengthen trust and security readiness.

E

essociation.de – Die Plattform für Veranstaltungen zu E-Themen

essociation.de

56

The website essociation.de serves as a specialized platform focusing on events and educational offerings related to electrical engineering and the broader energy sector in Germany. It targets professionals and individuals interested in these topics by providing event listings and training information. The platform operates on TYPO3 CMS and is hosted by agenturserver, indicating a professional but small-scale operation. The technical infrastructure includes modern web technologies and consent management tools, reflecting a moderate level of digital maturity. Security posture is generally good with HTTPS enabled and assumed security headers, but lacks explicit documentation of privacy and security policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and regulatory adherence.

Hottgenroth Software AG is a German software company specializing in energy and building technology solutions. The company targets professionals and businesses within the energy sector, offering software products and customer support services. Their website is professionally designed, consistent in branding, and primarily in German, reflecting their focus on the German market. The business model centers on providing specialized software tools for energy management and building technology, positioning them as an established player in this niche industry. Technically, the website is built on ASP.NET WebForms and utilizes common web technologies such as jQuery, Bootstrap, Google Tag Manager, and Google reCAPTCHA for security. Cookie consent is managed through Consentmanager.net, indicating a basic level of privacy compliance. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. SEO optimization is basic but present. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, which is positive. However, it lacks explicit security headers such as Content Security Policy and HSTS, and there is no publicly available privacy policy, terms of service, or vulnerability disclosure information. Incident response contacts and data protection officer details are also missing, which are important for compliance and trust. Overall, the website is safe and professional but could improve its privacy and security posture by publishing comprehensive policies, implementing security headers, and providing clear incident response channels. These improvements would enhance trustworthiness and compliance with GDPR and other regulations.

P

PRIMO GmbH

primo-gmbh.com

73

PRIMO GmbH is a German company specializing in innovative electrical installation solutions, targeting professional installers and construction sectors. The website presents a comprehensive catalog of products and services including underputzinstallation, hohlwandinstallation, betoninstallation, and factory production services. The company positions itself as a professional and innovative market player with a medium-sized business footprint in the energy sector. Technically, the website is built on a modern WordPress CMS platform using Elementor and WooCommerce, with performance optimizations via WP Rocket and analytics through Google Tag Manager. The site is well-structured, mobile-optimized, and compliant with GDPR regulations, featuring a detailed cookie consent mechanism. Security posture is good with HTTPS enforced, but lacks explicit security policies or incident response contacts. The absence of WHOIS domain registration data is a concern for domain legitimacy, though the website content and structure indicate a professional business presence. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with recommendations to improve security headers and transparency.

V

Vector Informatik GmbH

vector.de

77

Vector Informatik GmbH is a well-established technology company specializing in software tools, software components, and engineering services for networking electronic systems in the automotive sector and related industries. The company operates internationally with multiple subsidiaries and offices across Europe, Asia, and the Americas, reflecting a strong market presence and a B2B business model focused on automotive and transportation sectors. Their website is professionally designed, content-rich, and localized in multiple languages, targeting automotive industry professionals and partners. Technically, the website is built on the TYPO3 CMS platform, integrating modern technologies such as Google Tag Manager, Google Maps API, and OneTrust for cookie consent management. The site demonstrates good performance, mobile optimization, and accessibility features, indicating a mature digital infrastructure. The presence of comprehensive metadata, Open Graph tags, and SEO best practices further enhance its online visibility. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a publicly available security policy or incident response contact information suggests areas for improvement in transparency and readiness. The WHOIS data for the domain is unavailable, which is unusual but does not detract significantly from the site's legitimacy given the professional presentation and extensive contact information. Overall, Vector Informatik GmbH's website reflects a high level of professionalism, technical maturity, and compliance with privacy regulations, supporting its position as a trusted provider in the automotive software industry. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to further enhance trust and security posture.

G

Giersiepen GmbH & Co. KG

gira.de

56

Gira is a well-established German company specializing in smart home technology products such as switches, sockets, and security systems. The company operates a professional partner network to distribute and install its products, targeting private customers, architects, and electrical professionals. The website is professionally designed, mobile-optimized, and rich in content, providing extensive product information, technical documentation, and customer support resources. The digital infrastructure leverages modern analytics and marketing tools with a strong emphasis on user consent and privacy compliance. Security posture is robust with HTTPS enforcement and consent-based tracking, though explicit security policies are not publicly disclosed. Overall, Gira presents a trustworthy and mature online presence consistent with its market position as a leading smart home technology provider in Germany.

Milwaukee Tools Germany operates a professional-grade website offering a comprehensive range of power tools, hand tools, accessories, and personal protective equipment targeted at professional users in Germany. The site is well-branded and consistent with Milwaukee's global identity, providing a strong market presence in the manufacturing and retail sectors. The website infrastructure leverages modern JavaScript frameworks and integrates multiple analytics and marketing tools, reflecting a mature digital strategy. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response information are not prominently available. The domain WHOIS data is privacy protected, which is typical for commercial entities in the EU, and the website content and structure strongly indicate legitimacy. Overall, the site presents a professional and trustworthy digital front for Milwaukee Tools in the German market.

T

TRILUX GmbH & Co. KG

trilux.com

69

TRILUX GmbH & Co. KG is a well-established company specializing in innovative and energy-efficient lighting solutions tailored for industries, offices, retail, and outdoor environments. The company positions itself as a leader in sustainable and smart lighting technologies, targeting business clients seeking customized lighting solutions. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content that supports its business objectives. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The integration of OneTrust for cookie consent demonstrates a commitment to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the website enforces HTTPS and employs standard security headers, contributing to a strong security posture. However, the absence of a publicly accessible security policy or vulnerability disclosure page suggests areas for improvement in transparency and incident response readiness. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a low-risk profile with strong business credibility and compliance adherence. The missing WHOIS data is a notable anomaly but does not detract significantly from the trustworthiness given the professional nature of the site and its compliance features.